Monitoring the performance values of the Operating System of a physical or virtual server is as important as ever. With proper supervision, you can understand system resource usage and identify performance-related issues, such as utilization, downtime, and response time.
In a previous blog post, we discussed the various ways to monitor Linux machines, covering the protocols you can enable on servers and the metrics you can obtain in each case.
This time, let’s talk about how to monitor Windows servers with WOCU.
Once again, we’ll refer to the WOCU user manual.
Go to the MONITORING PACKS section.
Under Pack Categories, you’ll find a list of packs grouped by families.
To see the packs related to Windows, go to the Operating System category. Clicking on the [+] sign will expand the list of monitoring packs included in WOCU for monitoring Windows servers.
The following packs are useful for monitoring Windows servers:
Now, let’s explore in detail what each of these packs offers.
Now, let’s explore in detail what each of these packs offers.
OS-RESOURCES Pack
This pack is used to monitor Windows machines with SNMP enabled. Yes, SNMP on Windows? It’s not the most common setup, I know, but they do exist (like witches). In this Microsoft article, you can learn about SNMP and how to enable it on Windows machines. For our OS-RESOURCES pack, we use the HOST-RESOURCES-MIB and obtain the following metrics:- Users – The number of user sessions for which this host stores state information.
- CPU usage 1m – Percentage of CPU usage in the last minute.
- Uptime – Time since the server was last started.
- Memory buffer usage – Amount (in bytes) of physical memory storage used for storing temporary data.
- Virtual memory usage – Amount (in bytes) assigned to virtual memory.
- RAM usage – Amount (in bytes) of RAM used.
- Partition X – Size of partition X used.
- Number of processes – Number of processes running on the Windows server.
- Processes P – Checks whether the process is active on Windows servers.
Windows Pack
However, the default pack for monitoring Windows servers in WOCU is the pack called Windows 🙂 It works using the native Windows protocol, Windows Management Instrumentation (WMI). To use it, you’ll need to ask your Windows administrator to configure it for you and provide you with the following basic information:- Domain – Domain of the Windows server.
- Domain User – Equivalent to the full User name (must have necessary permissions in the WMI tables for WOCU to query the tables and obtain the information monitored by the pack).
- Domain Password – The password of the WMI user.
- EachCpu – % usage of each of the server’s CPUs in the last 5 minutes.
- EventLogApplication – Checks for Application logs labeled as Warning or Critical.
- Network Interface – Detects abnormal usage of the server’s network interfaces.
- Swap – Swap space usage (too much swap usage indicates memory shortage or memory loss).
- Big Processes – Checks CPU usage above a certain value.
- Physical memory usage – Amount (in bytes) assigned to physical memory.
- Services – Number of services set to AUTO (start) on the server.
- Load Average – System load average over the last 5 minutes.
- Inactive Sessions – Checks if the user is inactive.
- DisksIO – Speed at which data transfer between the hard drive and RAM occurs, or basically measures disk I/O time.
- Disks – Overall disk usage.
- EventLogSystem – Detects abnormal system events.
- Reboot – Displays the date of the last restart.
- ShareSpace – Checks available space on shared resources.
Other packs that enrich Windows server monitoring
Sometimes, however, we need a little more visibility on certain elements. This would be the case with disks since the previous pack only monitors the C:/ partition.Windows Drive Size Pack
Then we can use the Windows-drive-size pack, which displays the size of any of the drives on a Windows server, also using the WMI protocol.Windows Events Pack
Another case where our Windows pack might fall short is when monitoring System Events. In this case, we use the Windows-events pack. It’s very powerful because it allows you to perform very granular monitoring of the type of event you’re interested in. Below is a summary of the variables you can use to filter just the type of events you want to “hunt.”List of variables to filter Windows system events